quiz 16
An IT manager wants to secure a storage room with expensive server equipment. Which of the following will provide the best contactless security? A. Badge reader B. Electronic lock C. Conventional lock D. Bollard
A. Badge reader A badge reader offers the most security. Some types of electronic locks work with a hardware token rather than a PIN. The token might be a basic magnetic swipe card. A more advanced type of lock works with a cryptographic contactless smart card or key fob.
A user wants to secure their home router. Which of the following are strong security practices? (Select all that apply.) A. Content filtering B. Disable 2.4 GHz Broadcast C. Firmware update D. AAA
A. Content filtering C. Firmware update Content filtering means that the firewall downloads curated reputation databases that associate IP address ranges, FQDNs, and URL web addresses with sites known to host various categories of content like malware, spam, or other threats. Users should keep the firmware and driver for the home router up to date with the latest patches. This is important because it allows the user to fix security holes and support the latest security standards, such as WPA3.
A security analyst is looking at the overall security status of systems on the network. Which of the following represents the greatest risk? A. EOL system B. Unprotected system C. Zero-day D. Non-compliant system
A. EOL system A legacy or end of life (EOL) system is one where the software vendor no longer provides support or fixes for problems. These represent the greatest risk to the network.
A human resources specialist has started working from home. The specialist is somewhat security conscious and wants to keep their home network secure. What else besides the router operating system patches should the specialist keep patched? A. Firmware B. UPnP C. Default password D. AAA
A. Firmware Users should keep the firmware and driver for the home router up to date with the latest patches. This is important because it allows the user to fix security holes and support the latest security standards, such as WPA3.
A security manager at a top-secret facility assesses the feasibility of integrating biometric authentication but has heard that it is often not accurate. Which of the following is the most accurate form of biometrics? A. Retina scanner B. Palmprint scanning C. Fingerprint readers D. Badge reader
A. Retina scanner Retinal scanning is one of the most accurate forms of biometrics. Retinal patterns are very secure, but the equipment required is expensive and the process is relatively intrusive and complex.
A network manager for a growing coffee company sets up wireless access points at cafe locations for users. The manager wants to set up access to allow anyone in the vicinity to join without a password but also make it as secure as possible. Which standard introduced this ability? A. WPA3 B. WPA2 C. WPA D. WEP
A. WPA3 In WPA2, Wi-Fi Enhanced Open traffic is unencrypted. WPA3 encrypts this traffic. This means that any station can still join the network, but traffic is protected against sniffing.
A penetration tester gains access to a regular user's box. The tester wants to escalate privileges, so they call into the help desk, as the regular user, and sets up a script that will capture the help desk user's Kerberos token to be able to replay. What is this social engineering technique called? A. Dumpster diving B. Impersonation C. Shoulder surfing D. Tailgating
B. Impersonation Impersonation means that the penetration tester develops a pretext scenario to give themselves an opportunity to interact with an employee.
A security company was asked to help set up physical security at a massive company to identify concealed weapons coming into the building. What should the company implement? A. Access control vestibule B. Magnetometer C. Bollard D. Fencing
B. Magnetometer A handheld magnetometer is a type of metal detector that is often deployed at airports and in public buildings to identify concealed weapons or other items.
A network administrator analyzes the physical placement of routers or network appliances to ensure a secure location. What is the administrator helping to prevent? A. Default password B. Power off C. Firmware update D. Evil twin
B. Power off A non-malicious threat actor could damage or power off an appliance by accident. A malicious threat actor could use physical access to tamper with an appliance or attach unauthorized devices to network or USB ports or use the factory reset mechanism and log on with the default password.
A network administrator is setting up administrative access to network devices. What common solution is used for this? A. Kerberos B. TACACS+ C. RADIUS D. EAP
B. TACACS+ TACACS+ is an AAA protocol like RADIUS, but it is typically used for device administration rather than user access to the network.
A network administrator sets up a network access control solution throughout the enterprise which allows them to see ports with multiple devices connected into a switch port. The administrator uses this to help identify wireless access points throughout the enterprise, especially older ones which may have been forgotten. Which of the following legacy wireless encryption mechanisms is the administrator going to change? (Select all that apply.) A. WPA2 B. WPA C. WPA3 D. WEP
B. WPA D. WEP The first version of Wi-Fi Protected Access (WPA) was designed to fix critical vulnerabilities in the earlier wired equivalent privacy (WEP) standard. Wired Equivalent Privacy (WEP) is an old legacy standard. Neither WEP nor the original WPA version is considered secure enough for continued use.
A server administrator discovers that a server service account for a File Transfer Protocol (FTP) server was compromised. Which of the following exploits or vulnerabilities did the malicious actor use? A. XSS B. SQL injection C. Plaintext D. DoS
C. Plaintext A plaintext password can be captured by obtaining a password file or by sniffing unencrypted traffic on the network.
A jewelry chain has just discovered how to make a new form of jewels that has never been created before. They want to set up some sort of alarm if the jewels are taken out of their designated area. What type of alarm should the jewelry chain set up specific to the jewels? A. Motion sensors B. Circuit C. RFID D. Duress
C. RFID Radio frequency ID (RFID) tags and readers can be used to track the movement of tagged objects within an area. This can form the basis of an alarm system to detect whether someone is trying to remove equipment.
A student is interning for a security team at a major company and wants to practice on their home network. They want to make sure devices are easily identified when traffic is examined. Which of the following will help them accomplish this? A. Port forward B. UPnP C. Reservation D. Port triggering
C. Reservation One option is to create a reservation (DHCP) for the device on the Dynamic Host Configuration Protocol (DHCP) server. This means that the DHCP server always assigns the same IP address to the host.
A vulnerability manager is ramping up the vulnerability management program at their company. Which of the following is the most important consideration for prioritizing patching? A. Actor B. Threat C. Risk D. MFA
C. Risk Risk is the likelihood and impact (or consequence) of a threat actor exercising a vulnerability. This is the most important aspect of the prioritization of patches.
A network professional sets up the ability to authenticate over Extensible Authentication Protocol over Wireless (EAPoW). Which of the following will the professional need to configure? A. Active directory B. WPA3 C. TACACS+ D. MFA
C. TACACS+ The network administrator will need to set up a TACACS+ server for an Authentication, Authorization, and Accounting (AAA) server. When the user has been authenticated, the AAA server transmits a master key (MK) to the wireless PC or laptop.
A server administrator wants to secure a whole row of servers. What would be the best way to secure access to the servers? A. Kensington locks B. Chassis locks C. Fingerprint readers D. Cabinet locks
D. Cabinet locks Lockable rack cabinets control access to servers, switches, and routers installed in standard network racks. These can be supplied with key-operated or electronic locks.
A hotel manager notices that a wireless access point with the same service set identifier (SSID) is broadcasting with higher power. What attack could this indicate? A. Whaling B. Phishing C. Footprinting D. Evil twin
D. Evil twin An evil twin attack is similar to phishing but instead of an email, the attacker uses a rogue wireless access point to try to harvest credentials.
A network administrator wants to enable authentication for wireless access points against an Active Directory database. Which of the following will the administrator need to use? A. LDAP B. TACACS+ C. OU D. RADIUS
D. RADIUS Remote Authentication Dial-in User Service (RADIUS) is a widely used authentication protocol that can be used for wireless access point authentication. RADIUS servers can authenticate users against Active Directory.
Question A server administrator for a corporation with an enterprise network was tasked with setting up a website hosted on-premise. How should the administrator set it up? A. Content filtering B. UPnP C. Port forward D. Screened subnet
D. Screened subnet A screened subnet can also be referred to by the deprecated terminology demilitarized zone (DMZ). The idea of a screened subnet is that some hosts are placed in a separate network segment with a different IP subnet address range than the rest of the LAN.
